4 steps to a better EHS compliance program
How to map your EHS compliance transformation plan in four basic steps so you can move from a reactive to an interdependent approach
The way your company manages compliance may mean you’re just waiting for a problem to happen. Adapting your compliance management to a proactive, informed, and data-driven approach means you can be aware of what’s required before you face an incident.
In this article, we’ve taken top tips from health and safety veteran Anthony Wareham in his eBook, A handbook for EHS compliance transformation, to give you a simple 4-step blueprint to follow when planning your EHS compliance program transformation.
1. Understand the scale of compliance maturity
Knowing where you’re starting from and what you’re aiming for is the first step in any business transformation.
Consider that your EHS compliance is on a spectrum of organizational maturity, with reactive compliance on the low end and interdependent compliance on the high end.
The scale of reactive to interdependent compliance.
Reactive compliance will always be a backwards-looking, issue-driven, break-fix approach that waits for problems to occur in the first instance. This is a dangerous state to be in because there’s no way of assessing when an incident will occur, how bad it will be if it does, or any planning to mitigate incident occurrences.
Interdependent compliance is proactive, looking ahead to address changes in advance and ensure recovery plans are in place to manage the most likely or the highest risk events.
2. Establish your baseline
Start by understanding exactly where you are currently. Avoid being judgmental or ascribing blame. Your current position is a matter of fact and there are only two important takeaways — the true position and the improvements needed. To get a true representation of current status, cast the net wide and review as many levels and functions as possible so you can see where the true lines of communication and accountability lie. It’s important to look both internally and externally, to ensure comprehensive coverage.
Internally
Examine the following:
- Skill levels of individuals
- Reporting structures
- Senior health and safety leader’s accessibility to senior officers in the company
- Employees’ view of the safety process
Externally
Seek answers to the following questions:
- How do you collect information about the external regulatory environment?
- Is there a formal review process?
- Have there been regulatory contacts in the past and how where they managed?
It’s important to remember that businesses will start at different points along the scale to interdependency — and in the process of planning, may realize that interdependency is too far for them to reach right now. This is an opportunity for honest self-examination, not a means of scoring for admonishment or complacency purposes.
Be candid about the company’s realistic position and potential, and work to those truths when setting your goals and developing your plans.
3. Plan proactively
A comprehensive baseline analysis will identify significant gaps which need to be prioritized. Improvements may need to be staggered to manage critical aspects early, with further improvements later. The following aspects will need to be addressed:
Leadership engagement
Absolutely critical is a comprehensive report to board level on a regular basis — biannually at a minimum, but quarterly is best. This should cover at least compliance and performance. In most jurisdictions the CEO is legally responsible for compliance — not the health and safety manager — so they need comprehensive information on the compliance status and upcoming changes.
Improvement planning
A plan to fill the gaps identified will be required to get buy-in for resourcing. Resources broadly fall into three categories: administrative effort, expense, and capital. Capital is a long-term issue usually addressed in a fixed financial cycle, but it’s possible to expense smaller costs over the year. There may also be problems that can be resolved with administrative efforts already available. These will often get significant improvements for little initial cost in the short term, so will be a good way of getting the program off the ground. Plan some initial quick successes that can be reinforced in the future. Make sure the plan is SMART (Specific, Measurable, Achievable, Resourced, and Timed).
Metrics
Get a process in place to demonstrate progress. Proactive metrics are best, but a sensible mix of both reactive and proactive works well.
4. Establish regular reviews
This links back to leadership engagement and should be embedded in the calendar. Once the process is established, leadership generally becomes more actively engaged in a program and its importance.
Key takeaways for transforming your EHS compliance program
Before you can determine where you want to go you need to establish where you currently are.
Regulatory compliance and a mechanism that scans the external EHS compliance environment is critical, but the process is very much dependent on internal structures, culture, and communication. These need to be optimized before you can start to move up the curve towards interdependency.
Many of the issues can be addressed without large resource allocation, but take time to resolve — especially if there’s a lot of them. They should be broken down into manageable stages, with the highest risks addressed first.
Capital requirements must be highlighted early so the company can budget accordingly. With the right processes in place and leadership’s support, it should be standard operating procedure to proactively monitor upcoming regulatory changes, forecast and implement new requirements, and report on compliance status — to demonstrate continuous improvement.